Minutes interim-2020-mls-23: Tue 11:00
minutes-interim-2020-mls-23-202010201100-00

Meeting Minutes Messaging Layer Security (mls) WG
Title Minutes interim-2020-mls-23: Tue 11:00
State Active
Other versions plain text
Last updated 2020-11-25

Meeting Minutes
minutes-interim-2020-mls-23-202010201100

# Issues/PRs

- #142, #160
  - Richard: Just close?
  - **Close**

- #426
  - Konrad: We inject GroupContext as if key. But purpose is to achieve key
    separation. Should either inject into each step, or have one Extract step
    before all.
  - Richard: Prefer once rather than all the time.
  - **Merge #427**

- #373
  - Brendan: Probably not something we're going to handle.
  - Richard: Agree, good to close.
  - **Close**

- No ticket
  - Joel: When is deadline to change how parent hashes are computed?
  - Brendan: Why
  - Joel: Discussed in past, whether parent hash should include tree hash or
    not. Creates weaker guarantees for member joining group. Say a signing key
    is leaked. Alice gets a Welcome and joins group. How quickly group is secure
    again depends on how parent hash is computed; including tree hash makes
    group secure faster.
  - Richard: Karthik was worried about group agreement at the interim in NY.
    Sounds like Joel has concrete attacks.
  - Brendan: I think this is controlled a lot by the fact that we sign
    GroupContexts.
  - **Conclusion:** Joel will raise in more detail on mailing list.

- #427
  - **Merge.**

- #423
  - **Merge.**

- #422
  - Raphael: Significant performance improvement in some cases.
  - **Merge.**

- #414
  - **Conclusion:** Minor issues to fix, then good to merge.

- #421
  - **Action items:**
    - Rename recovery secret to resumption.
    - Add back section on Recovery Key.
    - Add text to re-originate ReInit proposals when there are others.
    - Make clear with multiple ReInits.

- #406
  - Brendan: Contrasting GroupKeyPackage with GroupInfo, GroupInfo is signed.
    Shouldn't we also sign GroupKeyPackage?
  - Raphael: Bad for deniability.
  - Brendan: But if people use External Commit primarily, then it seems like you 
    have weaker group agreement.
  - Richard: Probably need to go to mailing list.
  - **Conclusion:** Additional concerns to be raised on mailing list.